Project *Core Apps » Bazaar » ChatSecure:Android » KeySync » Orbot » Orfox Private Browser » Orweb » Secure ReaderCacheWordIOCipherNetCipherPanicTrusted Intents » CheckeyLibreoSpideyStoryMakerâ„¢SecureSmartCam » CameraV (InformaCam Project) » ObscuraCam
Tracker *Bug Feature Task
Subject *
Description When new SSL certificate is supplied by the server, ChatSecure displays the MD5 and SHA-1 fingerprint. Don't display the MD5 fingerprint because doesn't offer no protection against certificate forgeries. MD5 considered harmful today - Creating a rogue CA certificate http://www.win.tue.nl/hashclash/rogue-ca/ https://wiki.mozilla.org/CA:MD5and1024 https://en.wikipedia.org/wiki/MD5 I recommend displaying the SHA-1 and SHA2-256 fingerprints of the SSL certificate.
Status *New
Priority *Low Normal High Urgent Immediate
Assignee << me >>carriestienschrisballingerdbrodchilesdevrandomhansliorn8fr8Anonymous
Target version v14 - Armadillo's Agram v14.2 bug fix update! v14.2.1 v15 - AWESOME APP Backlog
Start date
Due date
Estimated time Hours
% Done0 % 10 % 20 % 30 % 40 % 50 % 60 % 70 % 80 % 90 % 100 %
Component
Files (Maximum size: 195 MB)